Education Series: Sybil Attacks

In blockchain whitepapers you’ll often see the term “Sybil attack” come up. Cryptocurrencies and their underlying network protocols can suffer several attacks, one of which is the Sybil attack. So what is it? Let’s discuss what it is and how networks are dealing with it. Named after the subject of a book Sybil, which detailed the case study of a woman diagnosed with Dissociative Identity Disorder, a Sybil attack is a network threat when a node in a claims multiple pseudonymous of identities. Once the Sybil identities are accepted as peers they try to gain control and subvert the network.

Peer-to-peer (p2p networks rely on assumptions of identity. Each node represents one single identity. A Sybil attack happens when either a node is hijacked or intentionally claims multiple identities. Networks with a reputation system can be tricked into thinking that an attacking node has a disproportionally large influence. Due to its influence it can assert decisions on the network that otherwise would not have occurred. Another version of the Sybil attack is when the multiple identity attacker uses its powers maliciously to either steal information or disrupt communication.

In computer science, the Sybil attack was first described John Douceur, a Microsoft researcher. He described the attack’s core issue as each node does not sure that every other node is a single distinct identity. A few third parties have tried to become “authorities” on the subject and assign a physical identifier to every computer on a network. VeriSign for example uses certification software to map IP addresses to a node. Each node would have a password and username before joining the network. But these measures are imperfect. Imagine the scenario of your friends sharing their Netflix password for you. The same could be done with network nodes.

Real world scenarios of Sybil attacks range from spamming internet votes, attaining better search results, or gaming reputation systems. In non-blockchain networks certifications can work to establish node identity to provide network access. But in decentralized blockchains this becomes more difficult. There are certainly private blockchains with permissioned methods of joining the network. But can that truly be called decentralized, blockchain? Networks such as Bitcoin and Ethereum are designed for any node to join the network. Defending against Sybil attacks on these networks require different solutions.

In Proof-of-Stake blockchains such as Ethereum a Sybil attack is defended by positing transaction fees. The rational being would avoid performing a Sybil attack to disrupt network communication because it would cost them a fee. In Bitcoin, a Proof-of-Work blockchain, Sybil attacks can wreak havoc in multiple ways. Nodes can connect to an attacking node which will have the wrong copy of the distributed ledger. Effectively the honest connecting nodes would be disconnected from the network. While Bitcoin does not perfectly prevent Sybil attacks it does make it more difficult to achieve. Nodes can only connect to one IP address in outbound communication and can receive unlimited communication inbound. Nodes will then verify the amount of work that went into the chain they received. The work history in the chain cannot be falsified. If the node receives a second communication inbound and the work between the two chains differs then something may be amiss. Nodes will continue to work until the honest ledger has taken over. This fails when an attacker has successfully taken over all the nodes connecting to an honest node, which is unlikely to happen. In a last resort, an honest node can always check the online block explorer to compare more data points.

Sybil attacks are a real problem on all p2p networks. Defending against them is important in order to ensure constant uptime and fully functioning outputs. Comment below if you have real world examples of these examples or want to know how other decentralized blockchains defend against these attacks.